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Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 

ATTENTION: Board of Patent Appeals and Interferences 

APPEAL BRIEF (37 CJF.R. § 41.37) 

This brief is in furtherance of the Notice of Appeal, filed in this case on October 10, 2006, and the 
Notice of Panel Decision from Pre-Appeal Brief Review mailed October 25, 2006. 

The fees required under § 1.17, and any required petition for extension of time for filing this brief 
and fees therefor, are dealt with in the accompanying TRANSMITTAL OF APPEAL BRIEF. 

This brief contains these items under the following headings, and in the order set forth below (37 
C.F.R.§41.37(c)(i)): 

I REAL PARTY IN INTEREST 

II RELATED APPEALS AND INTERFERENCES 
m STATUS OF CLAIMS 

IV STATUS OF AMENDMENTS 

V SUMMARY OF CLAIMED SUBJECT MATTER 
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VI GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

VII ARGUMENT 

Vin CLAIMS APPENDIX 

IX EVIDENCE APPENDIX 

X RELATED PROCEEDING APPENDIX 

The final page of this brief bears the practitioner's signature. 
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I REAL PARTY IN INTEREST (37 C.F.R, § 41.37(c)(l)(i)) 

The leal party in interest in this appeal is McAfee, Inc. 
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II RELATED APPEALS AND INTERFERENCES (37 C.F.R. § 41.37(c) (l)(ii)) 

With respect to other prior or pending appeals, interferences, or related judicial proceedings that 
will directly affect, or be directly affected by, or have a bearing on the Board's decision in the 
pending appeal, there are no other such appeals, interferences, or related judicial proceedings. 

A Related Proceedings Appendix is appended hereto. 
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IU STATUS OF CLAIMS (37 C.F.R. § 41.37(c) (l)(iii)) 

A. TOTAL NUMBER OF CLAIMS IN APPLICATION 

Claims in the application are: 1, 4, 6-12, IS, 17-25, 27-29, 32-35, 37-39 and 42-44 

B. STATUS OF ALL THE CLAIMS IN APPLICATION 

1 . Claims withdrawn from consideration; None 

2. Claims pending: 1, 4, 6-12, 15, 17-25, 27-29, 32-35, 37-39 and 42-44 

3. Claims allowed: None 

4. Claims rejected: 1, 4, 6-12, 15, 17-25, 27-29, 32-35, 37-39 and 42-44 

5. Claims cancelled: 2, 3, 5, 13, 14, 16, 26, 30, 31, 36, 40, and 41 

C. CLAIMS ON APPEAL 

The claims on appeal are: 1, 4, 6-12, 15, 17-25, 27-29, 32-35, 37-39 and 42-44 
See additional status information in the Appendix of Claims. 
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IV STATUS OF AMENDMENTS (37 C.F.EL § 41.37(c)(l)(iv)) 

As to the status of any amendment filed subsequent to final rejection, there are no such 
amendments after final. 
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V SUMMARY OF CLAIMED SUBJECT MATTER (37 C.F.R. § 41 J7(c)(l)(v)) 

With respect to a summary of Claim 1, as shown in Figures 1 and 3, a system for providing Web 
browser-based remote network appliance configuration in a distributed computing environment 
is provided, In use, the system includes one or more network appliances (e.g. see items lla-c of 
Figure 1, etc.) which are interconnected within a bounded network domain defined by a common 
network address space. Additionally, the system includes a configuration client (e.g. see item 16 
of Figure 1, etc.) which includes an applet (e.g. see item 23 of Figure 1, etc.) that executes within 
a Web browser (e.g. see item 17 of Figure 1, etc.) and that configures the network appliances 
(e.g. see items 1 la-c of Figure 1, etc.). The applet (e.g. see item 23 of Figure 1, etc.) includes a 
status module (e.g. see item 41 of Figure 3, etc.), which broadcasts a query message to the 
network appliances (e.g. see items lla-c of Figure 1, etc.) and processes a response message 
containing network settings. The network settings include a physical network address which is 
received by the applet from at least one such network appliance (e.g. see items lla-c of Figure 1, 
etc.) responsive to the query message. The applet also includes a configuration module (e.g. see 
item 42 of Figure 3, etc.) which generates and sends a configuration packet using the physical 
network address for each network appliance (e.g. see items lla-c of Figure 1, etc.) that sends a 
response message and requires configuration. 

The system also includes a list (e.g. see item 44 of Figure 3, etc.) of the network appliances (e.g. 
see items 1 la-c of Figure 1, etc.) maintained by the status module (e.g. see item 41 of Figure 3, 
etc.) for each network appliance (e.g. see items lla-c of Figure 1, etc.) that sends a response 
message and does not require configuration. Further, the system includes a completion module 
(e.g. see item 43 of Figure 3, etc.) which receives a status message from each network appliance 
(e.g. see items 1 la-c of Figure 1, etc.) requiring configuration that is responsive to receipt of the 
configuration packet. When the status message indicates an unsuccessful configuration, the 
configuration packet is resent to the at least one network appliance (e.g. see items lla-c of 
Figure 1, etc.). See, for example, page 4, line 2-page 5, line 16 et ah 

With respect to a summary of Claim 12, as shown in Figure 5, a method for providing Web 
browser-based remote network appliance configuration in a distributed computing environment 
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is provided. In use, a query message is broadcasted from an applet executing within a Web 
browser to one or more network appliances (e.g. see step 65 of Figure 5, etc.). The network 
appliances are interconnected within a bounded network domain, which is defined by a common 
network address space. A response message containing network settings, including a physical 
network address, that is received by the applet from at least one network appliance which is 
responsive to the query message, is processed (e.g. see step 66 of Figure 5 S etc.)- A 
configuration packet is generated and sent using the physical network address for each network 
appliance (e.g. see items lla-c of Figure 1, etc.) that sends a response message and requires 
configuration (e.g. see step 69 of Figure 5, etc.). 

Additionally, a list of the network appliances for each network appliance that sends a response 
message and does not require configuration is updated. A status message is received from each 
network appliance that requires configuration in response to receipt of the configuration packet 
(e.g. see steps 70 and 72 of Figure 5 3 etc.). When the status message indicates an unsuccessful 
configuration, the configuration packet is resent to the network appliance (e.g. see step 69 of 
Figure 5, etc.). See, for example, page 4, line 2-page 5, line 16 et al. 

With respect to a summary of Claim 24, as shown in Figures 1, 3 and 4, a system for remotely 
configuring a network appliance (e,g, see items lla-c of Figure 1, etc.) deployed within a 
distributed computing environment is provided. In use, at least one network appliance (e.g. see 
items 1 la-c of Figure 1, etc.) sends a response message containing network settings responsive to 
a query message broadcast over a specified network domain within which the network appliance 
operates. A configuration client (e.g. see item 16 of Figure 1, etc.) generates a configuration 
package for the network appliance (e.g. see items lla-c of Figure 1, etc.) containing centrally 
managed network settings customized for the network appliance. Additionally, a bootstrap 
module (e.g. see item 51 of Figure 4, etc.) on the network appliance (e.g. see items lla-c of 
Figure 1, etc.) installs the configuration package as part of an initialization bootstrap operation. 

Additionally, a library of applets (e.g. see item 23 of Figure 1, etc.) for one or more Web 
bxowser-based configuration clients (e.g. see item 16 of Figure 1 3 etc.) operates within the 
specified network domain. A completion module (e.g. see item 43 of Figure 3, etc.) sends a 
message comprising one of success, failure and unconfigured following configuration package 
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installation at each such network appliance (e.g. see items lla-c of Figure 1, etc.). Also, a status 
daemon (e.g. see item 54 of Figure 4, etc.) initializes a secure management session following 
successful configuration package installation on at least one such network appliance (e.g. see 
items lla-c of Figure 1, etc.). See, for example, page 4, line 2-page 5, line 16 et al, 

With respect to a summary of Claim 34, as shown in Figures 1 and 5, a method for remotely 
configuring a network appliance (e.g. see items lla-c of Figure l s etc.) deployed within a 
distributed computing environment is provided. In use, a response message containing network 
settings from at least one network appliance (e.g. see items lla-c of Figure 1, etc) responsive to 
a query message broadcast over a specified network domain within which the network appliance 
(e.g. see items lla-c of Figure 1, etc.) operates is sent (e.g. see step 66 of Figure 5, etc). A 
configuration package is generated for the network appliance (e.g. see items lla-c of Figure 1, 
etc). The configuration package contains centrally managed network settings customized for the 
at least one network appliance (e.g. see items lla-c of Figure 1, etc.). Additionally, the 
configuration package is installed on the network appliance (e.g. see items lla-c of Figure 1, 
etc.) as part of an initialization bootstrap operation. See, for example, page 6, lines 1 1-20 et al. 

Furthermore, a library of applets (e.g. see item 23 of Figure 1, etc) is maintained for one or more 
Web browser-based configuration clients (e.g. see item 16 of Figure 1, etc.) operating within the 
specified network domain. A message is sent comprising one of success, failure and 
unconfigured following configuration package installation at each network appliance (e.g. see 
steps 70, 72 and 73 of Figure 5, etc.). In addition, a secure management session is initialized 
following successful configuration package installation on at least one such network appliance 
(e.g. see items 1 la-c of Figure 1, etc.). See, for example, page 4, line 2-page 5, line 16 et al. 

Of course, the above citations are merely examples of the above claim language and should not 
be construed as limiting in any manner. 
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VI GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL (37 C.F.R. § 
41.37(c)(l)(vi)) 

Following, under each issue listed, is a concise statement setting forth the corresponding ground 
of rejection. 

Issue # 1: The Examiner has rejected Claims 1, 4, 6, 9-12, 15, 17, and 20-23 under 35 U.S.C. 103(a) 
as being unpatentable over Engel et al. (U.S. Publication No 2002/0198969), in view of O'Toole et 
al. (U.S. Patent No. 6,345,294). 

Issue # 2: The Examiner has rejected Claims 7-8, 18-19, 23-25, 27-29, 32-35, 37-39, and 42-44 
under 35 U.S.C. 103(a) as being unpatentable over Engel et al. (U.S. Publication No 2002/0198969), 
in view of O'Toole et al. (U.S. Patent No. 6,345,294), further in view of Cohen (U.S. Publication 
No. 2003/0023732). 
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vn ARGUMENT (37 C.F.R. § 41.37(c)(l)(vii)) 

The claims- of the groups noted below do not stand or fall together. In the present section, 
appellant explains why the claims of each group are believed to be separately patentable. 

Issue # 1 : 

The Examiner has rejected Claims 1, 4, 6, 9-12, 15, 17, and 20-23 under 35 U.S.C. 103(a) as being 
unpatentable over Engel et al. (U.S. Publication No 2002/0198969), in view of O'Toole et al. (U.S. 
Patent No. 6,345,294). 

Group #1: Claims I 10-12, and 21-23 

With respect to independent Claims 1 and 12, the Examiner has relied on paragraph [0022) in 
Engel, and Col. 6, lines 29-38 from O'Toole to make a prior art showing of appellant's claimed 
"status module broadcasting a query message to the network appliances and processing a 
response message containing network settings, including a physical network address, received by 
the applet from at least one such network appliance responsive to the query message" (see the 
same or similar, but not necessarily identical language in the foregoing claims). 

Appellant respectfully asserts that the excerpt from O'Toole relied upon by the Examiner merely 
discloses that "[w]hen the SODA appliance is shipped from the factory, it is configured with a 
global unique number (GUID) (in the present implementation the MAC address of the Ethernet 
card) and with a DNS name for a server (e.g., soda.net) that hosts the appliance registry that 
contains information to configure the appliance" (emphasis added). Clearly, the mere disclosure 
that the MAC address of the Ethernet card is used as the global unique number of the SODA 
appliance, as in O'Toole, completely fails to even suggest "a physical network address," let 
alone "a status module broadcasting a query message to the network appliances and processing a 
response message containing network settings, including a physical network address, received by 
the applet from at least one such network appliance responsive t o the ouerv message" (emphasis 
added), as claimed by appellant. 
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In the Office Action mailed 04/10/2006, the Examiner has responded to appellant's arguments by 
arguing that the term "current configuration information" refers to the "status" of the device. 
Further, the Examiner has argued that "[w]hile the device may respond with a current 
configuration, if the device has not yet been initialized it would respond with a message stating it 
is currently not configured." 

Appellant respectfully disagrees and asserts that paragraph [0022] in Engel merely discloses that 
"[t]he remote configuration applet 20 gathers data on the network devices on the local network 
50 that respond to the multi-cast query message 1 ' where the "response from a network device to a 
multi-cast query message includes a set of current configuration information for the network 
device " (emphasis added). However, the mere disclosure that the remote configuration applet 
gathers current configuration information for the network devices that respond to the multi-cast 
query message, as in Engel, fails to suggest "a status module broadcasting a query message to the 
network appliances and processing a response message containing network settings, including a 
physical network address, received by the applet from at least one such network appliance 
responsive to the query message" (emphasis added), as claimed by appellant. Clearly, the 
excerpt from Engel fails to even suggest that the response message from the network appliances 
include a physical network address, in the manner claimed by appellant. 

Further, with respect to independent Claims 1 and 12, the Examiner has relied on Col. 7, lines 
16-29, and item 30 of Figure 3 from OToole to make a prior art showing of appellant's claimed 
"list of the network appliances maintained by the status module for each at least one such 
network appliance sending a response message and not requiring configuration" (see the same or 
similar language in the foregoing claims). 

Appellant respectfully asserts that the excerpt and figure from OToole relied upon by the 
Examiner merely discloses that the "registry has an attached database 30, which has a number of 
tables in it, including an ownership table 32, a boot status table 34, and a configuration table 36" 
(emphasis added). However, the mere disclosure of a registry with an attached database which 
includes an ownership table, boot status table, and configuration table, as in OToole, clearly 
fails to even suggest "a list of the network appliances maintained by the status module for each at 
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least one such network appliance sending a response message and not requiring configuration'' 
(emphasis added), as claimed by appellant. 

Additionally, with respect to independent Claims 1 and 12, the Examiner has relied on Col. 1 1, 
line 62 to Col. 12, line 21 from O'Toole to make a prior art showing of appellant's claimed 
"completion module receiving a status message from each at least one such network appliance 
requiring configuration responsive to receipt of the configuration packet 5 " (see the same or 
similar language in the foregoing claims). 

t 

Appellant respectfully asserts that the excerpt from O'Toole relied upon by tfie Examiner merely 
discloses that "[t]he only thing the ap pliance knows is what version of the software has been 
installed on the appliance by the manufacturer, a unique identification number or serial number 
or MAC address that distinguishes the appliance from other appliances, and whatever the 
appliance has observed from the local networking environment (step 108)" (emphasis added). 
Further, O'Toole teaches that "[t]he appliance sends a message containing these pieces of 
information to the a ppliance registry (step 114)" (emphasis added). However, the mere 
disclosure that the appliance sends a message containing a unique identification number or MAC 
address to the appliance registry, as in O'Toole, simply fails to even suggest "a completion 
module receiving a status message from each at least one such network appliance. , .responsive to 
receipt of the configuration packet" (emphasis added), as claimed by appellant. Clearly, the 
excerpt from OTooie fails to even suggest that the status message is sent in "responsfe] to 
receipt of the configuration packet" (emphasis added), as claimed by appellant. 

In addition, with respect to independent Claims 1 and 12, the Examiner has again relied on Col. 
1 1 , line 62 to CoL 12, line 21 from O'Toole to make a prior art showing of appellant's claimed 
technique "wherein the status message indicates an unsuccessful configuration, further 
comprising resending the configuration packet to the at least one such network appliance." 

Appellant respectfully asserts that the excerpt from O'Toole relied upon by the Examiner merely 
discloses that "the appliance sends to the appliance registry a description of its network 
configuration based on configuration information received from a boot server or based on what 
the appliance chose to use as its temporary networking configuration by observing the local 



PAGE 18/36 * RCVD AT 12/11/2006 7:19:48 PM [Eastern Standard Time] * SVR:USPT0-EFXRF-1/21 1 DNIS:2738300 * CSID:4039714660 * DURATION (mm-ss):09-00 



DEC. 1 1. 2006 4:35PM . ZILKA-KOTAB, PC 



NO. 5063 P. 19 



- 14 - 

network" (emphasis added). However, the mere disclosure that the appliance sends a 
description of the network configuration, as in O'Toole, simply fails to even suggest a technique 
"wherein the status message indicates an unsuccessful configuration, further comprising 
resending the configuration packet to the at least one such network appliance" (emphasis added), 
as claimed by appellant. 

To establish a prima facie case of obviousness, three basic criteria must be met. First, there must 
be some suggestion or motivation, either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art, to modify the reference or to combine 
reference teachings. Second, there must be a reasonable expectation of success. Finally, the prior 
art reference (or references when combined) must teach or suggest all the claim limitations. The 
teaching or suggestion to make the claimed combination and the reasonable expectation of 
success must both be found in the prior art and not based on applicant's disclosure. In re 
Vmck^M F.2d 488, 20 USPQ2d 1438 (Fed.Cir.1991). 

Appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, since the prior art references, when combined, fail to teach or 
suggest all of the claim limitations, as noted above. 

Group #2: Claims 4 and 15 

With respect to Claims 4 and 15, the Examiner has relied on Col. 24, lines 10-64 from O'Toole 
to make a prior art showing of appellant's claimed technique "wherein when the status message 
indicates a successful configuration, further comprising sending a kickstart message to each at 
least one such network appliance to initiate an autonomous management session" (see the same 
or similar language in the foregoing claims). 

Appellant respectfully points out that the above excerpt relied on by the Examiner merely 
teaches that " fclach appliance runs... a booter process 48 " that "[b]ooter 48 is responsible for 
configuring the appliance" and that "[the booter] runs the remote boot algorithm, collects 
database records, and then launches the other modules " (Col. 24, lines 15-16; Col. 24, lines 62- 
64 - emphasis added). However, teaching that a booter run bv the appliance launches other 
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modules fails to disclose "sending a kickstart message to each at least one such network 
appliance ." much less a technique "wherein when the status message indicates a successful 
configuration, further comprising sending a kickstart message to each at least one such network 
appliance to initiate an autonomous management session" (emphasis added), as claimed by 
appellant. 

Again, appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, as noted above. 

Group 43: Claims 6 and 1 7 

With respect to Claims 6 and 17, the Examiner has relied on Col. 14, line 31 - Col. 15, line 43 
from O' Toole to make a prior art showing of appellant's claimed technique "wherein when the 
status message indicates an on-going configuration, further comprising waiting for completion of 
configuration by the at least one such network appliance" (see the same or similar language in 
the foregoing claims). 

Appellant respectfully notes that the above reference citation merely discloses the situation 
where fi Hhe configuration data that the registry attempts to send to the appliance does not reach 
the appliance (step 204), a person using a web browser computer on the local area network of the 
appliance., . can access an internet service (step 206) in order to cause the configuration data to 
be obtained for the appliance" (CoL 14, line 66 - Col. 15, line 5). The above excerpt also teaches 
that "[the registry] can try to transmit information back to the clients using an IP packet" or the 
registry [may] respond as an HTTP request" (CoL 14, lines 40 - 46). Clearly, the only message 
from the appliance to the registry in O'Toole relates to a message where the 
"appliance... communicate[s] again with the registry indicating successful receipt by the 
appliance of the reply form the registry containing configuration information" (CoL 14, lines 36- 
38). However, the excerpt fails to even suggest a status message indicating an on-going 
configuration , much less a technique "wherein when the status message indicates an on-going 
configuration, further comprising waiting for completion of configuration by the at least one 
such network appliance" (emphasis added), as claimed by appellant. 
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Again, appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, as noted above. 

Group #4: Claims 9 and 20 

With respect to Claims 9 and 20, the Examiner has relied on paragraphs [0031] and [0032] from 
Engel to make a prioT art showing of appellant's claimed "sending at least one of the query 
message and the configuration packet from the applet responsive to instructions maintained in a 
message queue" (see the same or similar language in the foregoing claims). 

Appellant respectfully points out that the excerpts relied on by the Examiner merely teach that 
"the remote configuration applet 20 obtains the network configuration parameters 64 from the 
configuration server" (paragraph [0031]) and that "the remote configuration applet 20 transfers 
the network configuration parameters 64 to the network device 40 via the local network" 
(paragraph [0032]). However, merely teaching that a configuration server sends configuration 
parameters to an applet and that the applet in turn transfers the parameters to the network device, 
as in Engel, fails to even suggest a message queue , much less "sending at least one of the query 
message and the configuration packet from the applet responsive to instructions maintained in a 
message queue " (emphasis added), as claimed by appellant. 

Again, appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, as noted above. 

Issue # 2: 

The Examiner has rejected Claims 7-8, 18-19, 23-25, 27-29, 32-35, 37-39, and 42-44 under 35 
U.S.C. 103(a) as being unpatentable over Engel et aL (U.S. Publication No 2002/0198969), in 
view of OToole et al. (U.S. Patent No, 6,345,294), further in view of Cohen (U,S, Publication 
No. 2003/0023732). 

Group #7: Claims 7 and 18 
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Appellant respectfully asserts that such claims are not met by the prior art for the reasons argued 
above with respect to Issue # 1 , Group # 1 . 

Group #2: Claims 8 and 19 

With respect to Claims 8 and 19, the Examiner has relied on paragraph [0042] from Cohen to 
make a prior art showing of appellant's claimed technique "wherein the applet is received in a 
secure session" (see the same or similar language in the foregoing claims). 

Appellant respectfully asserts that the above excerpt relied on by the Examiner merely teaches 
that "(a] server can contain security or billing electronic service (e-service) logic 400" and that 
"[t]he logic 400 uses the user/user ID verifier 430 to determine user access to other devices and 
to account for usage by the user of the devices" (paragraph [0042] - emphasis added). However, 
disclosing the use of security logic to determine access to devices and account for usage of 
devices does not suggest a specific technique "wherein the applet is received m a secure session" 
(emphasis added), as claimed by appellant. 

Appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, as noted above. 

Croup #5: Claim 23 

Appellant respectfully asserts that such claims are not met by the prior art for the reasons argued 
above with respect to Issue #1 , Group #1 . 

Group #4: Claims 24-25, 28-29, 32-35, 38-39, and 42-44 

With respect to independent Claims 24 and 34, the Examiner has relied on paragraph [0032] in 
Engel to make a prior art showing of appellant's claimed "bootstrap module on the at least one 
network appliance installing the configuration package as part of an initialization bootstrap 
operation" (see the same or similar, but not necessarily identical language in the foregoing 
claims). 
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Appellant respectfully asserts that Engel actually teaches to the contrary of the Examiner's 
arguments, Specifically, Engel teaches that only "multi-cast capable devices on the local 
network 50 respond to the multi-cast query message" and that a "response from a network device 
to a multi-cast query message includes a set of current configuration information for the network 
device" (see paragraph [0022]). Thus, Engel teaches that the network device is currently 
configured, and not that it is previously unconfigured as the Examiner argues. Furthermore, 
Engel does not even disclose any sort of installation of the configuration package, but instead 
only teaches transferring the network configuration parameters to the network device (see 
paragraph [0032]). Thus, in view of such arguments, Engel simply does not teach "installing the 
configuration package as part of an initialization bootstrap operation, " as claimed by appellant 
(emphasis added). 

In the Office Action dated 04/1 0/2006, the Examiner has responded to appellant's arguments by 
asserting that paragraph [0018] in Engel discloses that the network device ''may be undergoing 
an initial configuration or an update to its configuration." Appellant respectfully disagrees. 
Appellant respectfully asserts the mere disclosure of finding a network device that may be 
undergoing an initial configuration fails to suggest that the network device is unconfigured, as 
argued by the Examiner. 

Further, the Examiner argued that "[i]n both Applicant's invention and Engel's teaching, an 
unconfigured device is capable of at least responding to this message to notify the central server 
that a configuration is requested." Appellant respectfully disagrees with the Examiner's 
argument and asserts that paragraph [0022] in Engel simply teaches that "[w]hen a network 
device responds to a multi-cast query message it indicates that the network device is capable of 
being configured " (emphasis added). However, the mere disclosure that a network device 
responds to a multicast query message indicating that it is capable of being configured, as in 
Engel, clearly fails to disclose " installing the configuration package as part of a n initialization 
bootstrap operation " (emphasis added), as claimed by appellant. 

In addition, with respect to independent Claims 24 and 34, the Examiner has relied on 
paragraphs [0032] and [0041] in Cohen to make a prior art showing of appellant's claimed 
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"library of applets for one or more Web browser-based configuration clients operating within the 
specified network domain" (see the same or similar, but not necessarily identical language in the 
foregoing claims). 

Appellant respectfully asserts that such excerpts from Cohen simply teach an EVM that "acts as 
a 'container' for downloaded applications, such as applets, which extend the functionality of a 
device running local embedded firmware." Appellant notes, however, that the EVM is simply an 
embedded virtual machine included in a device (see paragraph [0030]). Clearly, downloading 
applications to a device, as taught in Cohen, does not meet "a library of applets for one or more 
Web browser-based configuration clients" (emphasis added), as specifically claimed by 
appellant. 

In the Office Action dated 04/10/2006, the Examiner has argued that "Cohen does teach the use 
of a virtual machine present on each receiving client system" which "is used only to execute the 
customized applets that are downloaded." Further, the Examiner has argued that ct [a] central 
server contains a variety of applets that are available for each client to download and execute, 
with the help of the virtual machine (Cohen, paragraph [0041])/' 

Appellant respectfully disagrees and asserts that paragraph [0041] in Cohen merely discloses that 
" a central database on the same or a separate server contains the user identifications and 
permissions, device class capabilities, specific device configura tions and permissions, libraries of 
document marks and other characteristics useful to the logic functions, and applets to be 
downloaded to specific devices in order to modify the functionality of each device" (emphasis 
added). However, the mere disclosure by Cohen that the central database contains applets to be 
downloaded to specific devices in order to modify the functionality of each device, as in Cohen, 
fails to suggest "a library of applets for one or more Web browser-based configuration clients " 
(emphasis added), as claimed by appellant. In particular, applets that modify the functionality of 
each device and separate device configurations and permissions, as in Cohen, fails to suggest "a 
library of applets for one or more Web browser-based configuration clients" where a 
"configuration client generates! a configuration package for the at least one network appliance" 
(emphasis added), in the context claimed by appellant. 
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Additionally, with respect to independent Claims 24 and 34, the Examiner has relied on Col. 6, 
lines 29-38; Col. 7, lines 16-29; and item 30 of Figure 3 in OToole to make a prior art showing 
of appellant's claimed "completion module sending a message comprising one of success, failure 
and unconfigured following configuration package installation at each such network appliance" 
(see the same or similar, but not necessarily identical language in the foregoing claims). 

Appellant respectfully asserts that the excerpt and figure from OToole relied upon by the 
Examiner merely disclose that the "registry has an attached database 30, which has a number of 
tables in it, including an ownership table 32, a boot status table 34, and a confi juration table 36" 
(emphasis added). However, the mere disclosure of a registry with an attached database which 
includes an ownership table, boot status table, and configuration table, as in OToole, clearly 
fails to even suggest "a completion module sending a message comprising one of success, failure 
and unconfigured following configuratiop package installation at each such network appliance" 
(emphasis added), as claimed by appellant. 

In addition, with respect to independent Claims 24 and 34, the Examiner has relied on Col. 24, 
lines 10-64 in OToole to make a prior art showing of appellant's claimed "status daemon 
initializing a secure management session following successful configuration package installation 
on at least one such network appliance" (see the same or similar, but not necessarily identical 
language in the foregoing claims). 

Appellant respectfully asserts that the excerpt from OToole relied upon by the Examiner merely 
discloses mat the "[b]ooter 48 is responsible for configuring the appliance" and mat "[i]t runs the 
remote boot algorithm, collects database records, and then launches the other modules" 
(emphasis added). However, the mere disclosure that the booter configures the appliance, runs 
the remote boot algorithm, collects database records, and launches other modules, as in OToole, 
fails to even suggest a "status daemon [which] initializresl a secure management session 
following successful configuration package installation on at least one such network appliance" 
(emphasis added), as claimed by appellant In particular, the excerpt ftom OToole fails to teach 
"initializing a secure management session following .successful configuration package 
installation " (emphasis added), as claimed by appellant. 
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Again, appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, as noted above. 

Group #5: Claims 27 and 37 

With respect to Claims 27 and 37, the Examiner has relied on paragraph [0042] from Cohen to 
make a prior art showing of appellant's claimed "deploying one such applet from the library to 
each such configuration client using a secure session" (see the same or similar language in the 
foregoing claims). 

Appellant respectfully notes that the above excerpt relied on by the Examiner merely teaches that 
"[a] server can contain security or billing electronic service (e-service) logic 400" and that 
"[t]he logic 400 uses the user/user ID verifier 430 to determine user access to other devices and 
to account for usage by the user of the devices" (paragraph [0042] - emphasis added). However, 
disclosing the use of security logic to determine access to devices and account for usage of 
devices does not teach " deploying one such applet from the library to each such configuration 
client using a secure session " (emphasis added), as claimed by appellant 

Again, appellant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met, as noted above. 

In view of the remarks set forth hereinabove, all of the independent claims are deemed allowable, 
along with any claims depending therefrom. 
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VIH CLAIMS APPENDIX (37 CF.R. § 41.37(c)(l)(viii)) 

The text of the claims involved in the appeal (along with associated status information) is set 
forth below: 

1 . (Previously Presented) A system for providing Web browser-based remote network appliance 
configuration in a distributed computing environment, comprising: 

one or more network appliances interconnected within a bounded network domain defined by 
a common network address space; 

a configuration client comprising an applet executing within a Web browser and configuring 
the network appliances, comprising: 

a status module broadcasting a query message to the network appliances and 

processing a response message containing network settings, including a physical network 

address, received by the applet from at least one such network appliance responsive to the 

query message; and 

a configuration module generating and sending a configuration packet using the 
physical network address for each at least one such network appliance sending a response 
message and requiring configuration; 

a list of the network appliances maintained by the status module for each at least one such 
network appliance sending a response message and not requiring configuration; and 

a completion module receiving a status message from each at least one such network 
appliance requiring configuration responsive to receipt of the configuration packet; 

wherein when the status message indicates an unsuccessful configuration, further comprising 
resending the configuration packet to the at least one such network appliance. 

2. (Cancelled) 

3. (Cancelled) 

4. (Previously Presented) A system according to Claim 1, wherein when the status message 
indicates a successful configuration, further comprising sending a kickstart message to each at least 
one such network appliance to initiate an autonomous management session. 
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5. (Cancelled) 

6. (Previously Presented) A system according to Claim 1 , wherein when the status message 
indicates an on-going configuration, further comprising waiting for completion of configuration by 
the at least one such network appliance. 

7. (Original) A system according to Claim 1 , further comprising: 

an applet database storing a plurality of applets customized for execution within each such 
bounded network domain; and 

an applet request module receiving the applet from the applet database and installing the 
applet into the Web browser prior to broadcasting the query message. 

8. (Original) A system according to Claim 7, wherein the applet is received in a secure session. 

9. (Original) A system according to Claim 1, farther comprising: 

a message queue storing instructions for the applet, comprising sending at least one of the 
query message and the configuration packet. 

1 0. (Original) A system according to Claim 1 , further comprising: 

a packet generator storing into the configuration packet values comprising at least one of 
hostname, domain, internet protocol address, netmask, gateway, primary domain name server, and 
secondary domain name server, 

1 1 . (Original) A system according to Claim 1, wherein the bounded network domain is compliant 
with the TCP/IP and the configuration packet is compliant with the UDP. 

12. (Previously Presented) A method for providing Web browser-based remote network 
appliance configuration in a distributed computing environment, comprising: 

broadcasting a query message from an applet executing within a Web browser to one or more 
network appliances interconnected within a bounded network domain defined by a common network 
address space; 
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processing a response message containing network settings, including a physical network 
address, received by the applet from at least one such network appliance responsive to the query 
message; 

generating and sending a configuration packet using the physical network address for each at 
least one such network appliance sending a response message and requiring configuration; 

updating a list of the network appliances for each at least one such network appliance 
sending a response message and not requiring configuration; and 

receiving a status message from each at least one such network appliance requiring 
configuration responsive to receipt of the configuration packet; 

wherein when the status message indicates an unsuccessful configuration, further 

comprising: 

resending the configuration packet to the at least one such network appliance. 

13. (Cancelled) 

14. (Cancelled) 

15. (Previously Presented) A method according to Claim 12, wherein when the status message 
indicates a successful configuration, further comprising: 

sending a kickstart message to each at least one such network appliance to initiate an 
autonomous management session. 

16. (Cancelled) 

1 7. (Previously Presented) A method according to Claim 12, wherein the status message 
indicates an on-going configuration, further comprising: 

waiting for completion of configuration by the at least one such network appliance. 

18. (Original) A method according to Claim 12, further comprising: 

receiving the applet from an applet database storing a plurality of applets customized for 
execution within each such bounded network domain; and 

installing the applet into the Web browser prior to broadcasting the query message. 
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1 9. (Original) A method according to Claim 1 8, further comprising: 
receiving the applet in a secure session, 

20. (Original) A method according to Claim 12, further comprising: 

sending at least one of the query message and the configuration packet from the applet 
responsive to instructions maintained in a message queue. 

21 . (Original) A method according to Claim 12, further comprising: 

storing into the configuration packet values comprising at least one of hostname, domain, 
internet protocol address, netmask, gateway, primary domain name server, and secondary domain 
name server. 

22. (Original) A method according to Claim 12, wherein the bounded network domain is 
compliant with the TCP/IP and the configuration packet is compliant with the UDP. 

23 . (Previously Presented) A computer-readable storage medium holding code for performing 
the method according to Claims 12, 15, 17 3 18, 19, 20, 21, or 22. 

24. (Previously Presented) A system for remotely configuring a network appliance deployed 
within a distributed computing environment, comprising: 

at least one network appliance sending a response message containing network settings 
responsive to a query message broadcast over a specified network domain within which the at least 
one network appliance operates; 

a configuration client generating a configuration package for the at least one network 
appliance and containing centrally managed network settings customized for the at least one network 
appliance; 

a bootstrap module on the at least x>ne network appliance installing the configuration package 
as part of an initialization bootstrap operation; 

a library of applets for one or more Web browser-based configuration clients operating 
within the specified network domain; 
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a completion module sending a message comprising one of success, failure and unconfigured 
following configuration package installation at each such network appliance; and 

a status daemon initializing a secure management session following successful configuration 
package installation on at least one such network appliance. 

25. (Original) A system according to Claim 24, further comprising: 

a centrally managed library of configurations containing network settings for each such 
network appliance operating with the specified network domain. 

26. (Cancelled) 

27. (Previously Presented) A system according to Claim 24, further comprising: 

an applet server deploying one such applet from the library to each such configuration client 
using a secure session. 

28. (Original) A system according to Claim 24, further comprising: 

a standardized user interface exported by the configuration client and providing configuration 
controls for a heterogeneous set of the network appliances. 

29. (Original) A system according to Claim 24, further comprising: 

a package generator including at least one of a timestamp and a unique seed value in each 
such configuration package. 

30. (Cancelled) 

31. (Cancelled) 

32. (Original) A system according to Claim 24, wherein at least one such network appliance 
performs one of electronic mail anti-virus scanning, content filtering, packet routing, and file, Web 
and print servicing. 
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33. (Original) A system according to Claim 24, wherein the distributed computing environment 
is TCP/IP-compliant. 

34. (Previously Presented) A method for remotely configuring a network appliance deployed 
within a distributed computing environment, comprising: 

sending a response message containing network'settings from at least one network appliance 
responsive to a query message broadcast over a specified network domain within which the at least 
one network appliance operates; 

generating a configuration package for the at least one network appliance and containing 
centrally managed network settings customized for the at least one network appliance; 

installing the configuration package on the at least one network appliance as part of an 
initialization bootstrap operation; 

maintaining a library of applets for one or more Web browser-based configuration clients 
operating within the specified network domain; 

sending a message comprising one of success, failure and unconfigured following 
configuration package installation at each such network appliance; and 

initializing a secure management session following successful configuration package 
installation on at least one such network appliance. 

35. (Original) A method according to Claim 34, further comprising: 

centrally managing a library of configurations containing network settings for each such 
network appliance operating with the specified network domain. 

36. (Cancelled) 

37. (Previously Presented) A method according to Claim 34, further comprising: 

deploying one such applet from the library to each such configuration client using a secure . 
session. 

38. (Original) A method according to Claim 34, further comprising: 

exporting a standardized user interface providing configuration controls for a heterogeneous 
set of the network appliances. 
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39. (Original) A method according to Claim 34, further comprising: 

including at least one of a timestamp and a unique seed value in each such configuration 
package. 

40. (Cancelled) 

41. (Cancelled) 

42. (Original) A method according to Claim 34, wherein at least one such network appliance 
performs one of electronic mail anti-vinis scanning, content filtering, packet routing, and file, Web 
and print servicing, 

43. (Original) A method according to Claim 34, wherein the distributed computing environment 
is TCP/IP-compliant 

44. (Previously Presented) A computer-readable storage medium holding code for performing 
the method according to Claims 34, 35, 37, 38, 39, 42, or 43. 
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IX EVIDENCE APPENDIX (37 C.F.R. § 41.37(c)(l)(ix)) 
There is no such evidence. 
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X RELATED PROCEEDING APPENDIX (37 C.F.R § 41.37(c)(l)(x)) 

N/A 
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In the event a telephone conversation would expedite the prosecution of this application, the 
Examiner may reach the undersigned at (408) 971-2573. For payment of any additional fees due 
in connection with the filing of this paper, the Commissioner is authorized to charge such fees to 
Deposit Account No. 50-1351 (Order No. NAI1P372/01.085.02). 




Respectfully ^obmi 
By: 

Kevin J, 

Reg. No". 41,429 



Date: 



Zilka-Kotab, P.C. 

P.O. Box 721120 

San Jose, California 95172-1 120 

Telephone: (408) 971-2573 

Facsimile: (408) 971-4660 
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